SYDNEY, 1 March 2017 –Trend Micro today released its annual security roundup report, “2016 security roundup: a record year for enterprise threats,” revealing 2016 was truly the year of online extortion. Cyber threats reached an all-time high in 2016, with ransomware and Business Email Compromise (BEC) scams gaining increased popularity among cybercriminals looking to extort enterprises.

A 752 percent increase in new ransomware families ultimately resulted in US$1 billion in losses for enterprises worldwide. “Ransomware is exploding and diversifying due to the ability for cybercriminals to not just threaten data encryption, but threaten inconvenience and potential damage,” said Dr. Jon Oliver, data scientist and senior architect at Trend Micro. “Ransomware dominated the threat landscape in 2016, causing losses and immense business disruption across multiple industries. Australian enterprises must adopt multi-layered security solutions to optimally combat these threats that could attempt to penetrate corporate networks at any time.”

Trend Micro and the Zero Day Initiative (ZDI) discovered 765 vulnerabilities in 2016. Of these, 678 were brought to ZDI through their bug bounty program, then ZDI verifies and discloses the issue to the affected vendor.

Compared to vulnerabilities discovered by Trend Micro and ZDI in 2015, Apple saw a 145 percent increase in vulnerabilities, while Microsoft bugs decreased by 47 percent. Additionally, the use of new vulnerabilities in exploit kits dropped by 71 percent, which is partially due to the arrest of the threat actors behind Angler that took place in June 2016. Australia saw exploit kits almost 31,000 times in Q4 2016 alone.

“As threats have diversified and grown in sophistication, cybercriminals have moved on from primarily targeting individuals to focusing on where the money is: enterprises,” said Ed Cabrera, chief cybersecurity officer for Trend Micro. “Throughout 2016 we witnessed threat actors extort companies and organisations for the sake of profitability and we don’t anticipate this trend slowing down. This research aims to educate enterprises on the threat tactics actively being used to compromise their data, and help companies adopt strategies to stay one step ahead and protect against potential attacks.”

Report highlights include:

Growth of ransomware – Throughout the course of 12 months, the number of ransomware families grew from 29 to 247. One leading factor to explain this increase is the profitability of ransomware. Although individuals and organisations are encouraged not to pay the ransom, cybercriminals still managed to rake in roughly US$1 billion last year.

BEC scams on the rise – Much like ransomware, BEC scams proved to be incredibly lucrative for cybercriminals, resulting in an average of US$140,000 in losses for companies around the globe. These scams also highlighted the effectiveness of social engineering techniques for threat actors targeting enterprises.

A variety of vulnerabilities – Trend Micro and the Zero Day Initiative (ZDI) discovered a record high number of vulnerabilities in 2016, most of which were found in Adobe Acrobat Reader DC and Advantech’s WebAccess. Both applications are widely used throughout enterprise and Supervisory Control and Data Acquisition (SCADA) systems.

Angler Exploit’s exit – Following the arrest of 50 cybercriminals, the once dominant Angler exploit kit slowly faded out of the spotlight until it ceased to exist. While it didn’t take long for new exploit kits to burst onto the scene in Angler’s absence, by the end of 2016, the amount of vulnerabilities included in exploit kits had decreased by 71 percent.

Banking trojans and ATM malware – Cybercriminals have been using ATM malware, skimming cards and banking Trojans for a while now. However, the attacks have diversified in recent years, giving threat actors access to personally identifiable information (PII) and credentials, which can also be used to gain a foothold inside enterprise networks. More than 7,000 instances of banking malware were detected in Australia in 2016.

Mirai’s massive attack – In October 2016, attackers took advantage of poorly secured IoT devices to issue a distributed denial-of-service (DDoS) attack that hijacked approximately 100,000 IoT devices and forced websites such as Twitter, Reddit and Spotify to go offline for several hours.

Yahoo’s history making data breach – Yahoo experienced the largest data breach in history in August 2013, compromising 1 billion account users’ information. However, the incident was not disclosed until three months after reports of a separate data breach in September 2016, which involved 500 million more accounts. These events stirred up the responsible disclosure conversation and the accountability companies have to their customers regarding the security of user data. Australia’s long-anticipated Notifiable Data Breaches Bill passed the Senate in February and new rules requiring organisations to inform the Australian Information Commissioner and members of the public if their data has been compromised, and the new rules will come into effect in 12 months.

Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centres, cloud environments, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defence with centralised visibility and control, enabling better, faster protection. With more than 5,000 employees in more than 50 countries and the world’s most advanced global threat intelligence, Trend Micro enables organisations to secure their journey to the cloud. For more information, visit www.trendmicro.com.au